i recently switched from synology vpn(forward port 1194 to synology) to the native Asus vpn server.
as far as i can see everything is working.
this morning i discovered some errors in the log.
it looks like somebody tried to use the VPN from outside but i was asleep.
is this a sign of somebody trying to get in
Jun 7 04:31:21 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]199.195.248.205:55958 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 05:23:15 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]146.88.240.4:54036 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 07:16:41 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]142.93.148.22:38917 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 08:08:16 kernel: eth4 (Ext switch port: 3) (Logical Port: 11) (phyId: b) Link UP at 1000 mbps full duplex
these are the settings i used
looks like extra HMAC security is really needed
anything else i can change to up the security?
as far as i can see everything is working.
this morning i discovered some errors in the log.
it looks like somebody tried to use the VPN from outside but i was asleep.
is this a sign of somebody trying to get in
Jun 7 04:31:21 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]199.195.248.205:55958 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 05:23:15 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]146.88.240.4:54036 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 07:16:41 vpnserver1[31021]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]142.93.148.22:38917 (via [AF_INET]xxx.xxx.xxx.xxx%eth0)
Jun 7 08:08:16 kernel: eth4 (Ext switch port: 3) (Logical Port: 11) (phyId: b) Link UP at 1000 mbps full duplex
these are the settings i used
looks like extra HMAC security is really needed
anything else i can change to up the security?
